VYPR
Medium severity6.1NVD Advisory· Published Jul 27, 2017· Updated Jun 17, 2026

CVE-2017-11685

CVE-2017-11685

Description

Multiple Reflective cross-site scripting (XSS) vulnerabilities in search and display of event data in Zoho ManageEngine Event Log Analyzer 11.4 and 11.5 allow remote attackers to inject arbitrary web script or HTML, as demonstrated by the fName parameter.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.